Checklists

Self assessment for touring companies and venues

The following checklists should give both “touring”* companies and “venues”** respectively a good overview of factors to consider ahead of embarking on data sharing arrangements. Once you have looked at each item carefully and decided you are in a good position to proceed, you should be able to enter into the necessary negotiations with increased confidence, and in line with good practice.

As of April 2016, Data Controllers funded by Arts Council England will be expected to make data available to partners and visiting companies relating to audiences with whom they have a shared relationship. NPOs will be encouraged to follow the checklists.

* We use "touring" as a catchall for any company / artists operating in a space where data is being collected by a separate "host" organisation or venue.

Touring companies data sharing check-list

Touring companies need to review why they need a venue or other Data Controller to share data and their capacity to manage their responsibilities under the Data Protection Act and the Privacy and Electronic Communications Regulations.

A company that can answer “yes” to all these questions should expect a venue or partner to share data with them.

Do we have a clear purpose/s for the data we want to share?

How does that purpose align with the audience development and/or marketing and communications strategies of the venues we are visiting?

Is it in the interests of our audience?

Have we explored other easier options to achieve these purposes without having to

obtain personal customer data ourselves? (Such as a single communication from the venue to try and recruit sign-ups to a company mailing list, or a report, Audience Finder or Show Stats?)

Have we been specific about what data we need for our purpose, and in what format?

Are we willing to contribute to the costs of any set-up, data processing, management or

Do we have the necessary systems in place to look after data properly in compliance with data protection?

If we aim to share and receive customers’ personal information, are we registered with the ICO as a data controller to be able to do so? [See Q&A here for more information].

Do we have the skills in place to analyse or filter data effectively?

Do we have a clear relationship to the people whose data we want to access?

Are we satisfied that customers will welcome our message/s, the form and frequency of their communication?

Are we willing to schedule communications in agreement with the Data Controller?

Can we be sure that we have the procedures and checks in place to respect the privacy and permissions granted by customers?

Can we manage customer opt-outs and complaints in the future?

Do we have a collaborative relationship with the venue we want to share data with? (Or plans in place to build one?)

Do we have/will we get a transparent data sharing agreement addressing concerns of both parties included as part of our relationship and contract?

You can access audience metrics from venues in Audience Finder through Show Stats here.

Data controlling venues data sharing check-list

Venues that wish to enter into data sharing arrangements with touring companies should make sure that they are well-placed to meet their obligations as the Data Controller and that agreements are set in place to support a collaborative approach to managing customer relationships.

A venue (or other data controller) that can answer “yes” to all these questions is considered to be acting fairly, and in line with good practice.

Do we have a transparent, consistent policy for data sharing?

Does this include explaining our position on collaborative approaches to audience development?

Are we registered with the ICO as a Data Controller, and are the details of our registration up to date and accurate? (See the ICO's registration page here for more information).

Have we/can we set up appropriate notifications and permissions for specifically named touring companies or artists?

Have we ensured returning customers are recognised and duplicate records are not created or permissions requested repeatedly?

Are basic terms for data sharing clearly stated and included as part of our contracts with a visiting company?

Have we set a fair rate card for data analysis (see suggestions) and provision of contacts?

Have we given permission to share data for research purposes through Audience Finder in relation to requests from a specific company?

How can we share data with this company in the most effective way to meet their, or our shared purpose?

If we have a reason for NOT wanting to share data with this company, have we offered them an opportunity to address our concerns? Have we suggested any alternatives that could meet their purpose?

Do we have/will we get a transparent data sharing agreement which addresses the concerns of both parties included as part of our relationship and contract.

Feedback and questions

If you would like to raise any questions or provide feedback for this section of the guidance please use the form below. All messages received will be reviewed by Arts Council England. Please be aware that it may not be possible to answer all messages that we receive.